Network Complexity Models for Automated Cyber Range Security Capability Evaluations: Relating Network Complexity to Defensive Difficulty to Enable Comprehensive Evaluation

摘要

For any organization to maintain a strong cyber security posture, it is important to test readiness and capabilities of cyber security teams and the tools that they use. In order to design and conduct experiments to assess performance of defensive cyber security teams and tools, it is crucial to either ensure the test range accurately represents the real environment in which the defensive teams or tools normally would operate or to ensure that testing is conducted across a suite of test ranges that provides comprehensive coverage of the potential real-life network environments. In this paper, we present a novel network complexity scoring framework that is designed to capture the set of the network attributes that have the principal impact on the performance of defenders and defensive tools and to differentiate networks according to defensive difficulty.